When you dive into the deep waters of the VPN ocean, you need to take some care and pay attention to a few important aspects in order to use this powerful weapon properly. One of the most important is choosing the right protocol: protocols are largely responsible for your overall VPN speed and safety. In light of the increasing number of privacy threats and prying eyes on your traffic (which can come from hackers, authorities or even governments), VPN providers typically offer the same range of supported protocols: OpenVPN, PPTP, L2TP, IKEv2 and SSTP.
But what are the advantages and disadvantages of each one, and which ones should your VPN service certainly have? Go through this guide and we’ll show you which protocol you’ll want to be using from now on.
OpenVPN is the main protocol you want to look for, since it is not only the most reliable, but also perfectly balances security and speed. This protocol is essentially an open source application (meaning that users can contribute to the development of the software and fix issues) and has custom encryption based on SSL/TLS key exchanges. It can be configured to run on any port: setting it to UDP will make it faster, while directing it to TCP port 443 will make your online traffic look just like standard HTTPS traffic, making it very hard to detect, distinguish from other traffic, or block completely. You can also configure it to use the safer AES-256 encryption instead of the weaker 128-bit one. To top it all, no one (including agencies like the almighty NSA) has compromised the OpenVPN protocol so far.
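The transport and cipher choices described above live in a handful of OpenVPN config directives (`proto`, `port`, `remote`, `cipher`, `data-ciphers`, `ncp-ciphers`). The following is an added example, not part of the original article: a small auditor that reads a client config and reports which of those choices it makes. The sample config and the host `vpn.example.net` are constructed for illustration.

```python
import re

# Constructed sample client config (not from the original article).
SAMPLE_OVPN = """\
client
dev tun
# blend in with HTTPS as the article describes
proto tcp
remote vpn.example.net 443
cipher AES-128-CBC
data-ciphers AES-256-GCM:AES-128-GCM
"""

def audit_ovpn(text):
    """Return (settings, findings) for the transport and cipher directives."""
    s = {"proto": "udp", "port": 1194, "ciphers": []}  # OpenVPN defaults: UDP, port 1194
    for raw in text.splitlines():
        line = re.split(r"[#;]", raw, maxsplit=1)[0].split()  # drop comments
        if not line:
            continue
        key, args = line[0], line[1:]
        if key == "proto" and args:
            s["proto"] = "tcp" if args[0].startswith("tcp") else "udp"
        elif key == "port" and args:
            s["port"] = int(args[0])
        elif key == "remote" and len(args) >= 2:  # remote host [port] [proto]
            s["port"] = int(args[1])
            if len(args) >= 3:
                s["proto"] = "tcp" if args[2].startswith("tcp") else "udp"
        elif key in ("cipher", "data-ciphers", "ncp-ciphers") and args:
            s["ciphers"] += args[0].split(":")
    findings = []
    if s["proto"] == "tcp" and s["port"] == 443:
        findings.append("transport: TCP/443, shares the port used by HTTPS")
    elif s["proto"] == "udp":
        findings.append(f"transport: UDP/{s['port']}, the faster option")
    else:
        findings.append(f"transport: TCP/{s['port']}")
    for c in s["ciphers"]:
        m = re.search(r"(?:^|-)(128|192|256)(?:-|$)", c)  # key size in cipher name
        if m and int(m.group(1)) < 256:
            findings.append(f"cipher {c}: {m.group(1)}-bit key, prefer AES-256")
    if not s["ciphers"]:
        findings.append("cipher: none set, the client/server default applies")
    return s, findings

if __name__ == "__main__":
    for finding in audit_ovpn(SAMPLE_OVPN)[1]:
        print(finding)
```

A 128-bit entry left in a cipher list is worth flagging because it remains available for negotiation even when AES-256 is listed first.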
As for connection speed, it depends heavily on factors like your ISP's service and the servers you connect to. Overall, however, OpenVPN enjoys fast connections.
Although the vast majority of modern-day VPN providers already feature OpenVPN by default in their respective clients, some of them still do things the old-fashioned way and work with a third-party app, either for desktop or mobile. Nonetheless, you should have no trouble finding a VPN provider that supports OpenVPN.
PPTP stands for Point-to-Point Tunneling Protocol and is, unfortunately, the worst possible choice among the protocols VPNs support. If you use Windows, it is most likely that you’re running PPTP, since it has been part of each Microsoft operating system since Windows 95. It is also native on most mobile devices such as smartphones and tablets. Despite being widely available, PPTP is known for having quite a wide range of security issues. It features basic 128-bit encryption, and it is also relatively unstable: you will run into this quite frequently, because it will sometimes take more than one try to connect, and even once connected, the connection can still drop randomly. As a matter of fact, it is such a weak protocol that the NSA could decrypt its traffic easily, and it is fairly easy for ISPs to block too. This means that if you’re running PPTP, whoever wants to get access to your internet traffic will be able to do so without much effort.
Still, it features great speeds and is easy to set up. The most important rule regarding VPN protocols is that the tighter the security, the slower it gets. Applied to PPTP, this means it is short on security measures, but abundant speed is something that will always be associated with it.
However, because it is extremely unsafe and outdated, Apple made sure that the newer versions of iOS 10 and macOS Sierra don’t support PPTP. Considering all of the above, it is very likely that other companies will follow this step shortly.
L2TP has a name that speaks for itself; in fact, the Layer 2 Tunneling Protocol is the only one that provides a routing tunnel for your traffic. It does not have any kind of encryption by itself, which is why it is commonly paired with IPSec encryption and is usually labeled L2TP/IPSec. Just like PPTP, this protocol is native on most devices including computers, smartphones and tablets, but unlike PPTP, it provides decent protection, since there are no major flaws known to date. However, there are still some catches: even though it is generally easy to set up, a Linux server can be quite a challenge to configure accurately. Furthermore, because it uses UDP port 500, it can’t be disguised on another port, making it easier to block and harder to get through firewalls.
As for speed, L2TP falls in the middle, since your traffic is put through a two-step process. First, the traffic is converted into L2TP, and only then is it encrypted with IPSec; this means that it is a much slower protocol than OpenVPN, for instance. However, if you are concerned about security, this protocol is a good choice, as it features 256-bit encryption too.
When talking about the IKEv2 protocol, it is important to clarify that IKE stands for Internet Key Exchange, while v2 indicates it’s the second version of the protocol. IKEv2 was established collectively by Microsoft and Cisco to set up a security association in the IPSec protocol suite. To make a long and very techy story short, IKEv2 was created due to some issues with the previous default IKE protocol. The improvements made were related to supporting NAT and firewall traversal, SCTP protocol support, fewer cryptographic mechanisms and DoS (Denial of Service) attack resilience, among many others. As an IPSec-based tunneling protocol, IKEv2 assures full security, since it supports a wide range of ciphers like 3DES, AES and AES-256. It also features fast speeds, with which it is easily able to compete with L2TP, PPTP and SSTP. However, IKEv2 uses UDP port 500, which can be easily blocked.
Mobile users may be the ones who benefit the most from this protocol, as it supports the Mobility and Multihoming (MOBIKE) method. This ensures the almost complete elimination of connection drops and switches; in fact, IKEv2 is in a close second place as the perfect protocol for unstable Wi-Fi networks. Also, this is one of the few VPN protocols with support for BlackBerry, which, considering that no other VPN protocols are supported by this OS, is good news for its users.
Last but not least, we have SSTP, which is the most widespread VPN protocol. Secure Socket Tunneling Protocol was created by Microsoft, hence it is best supported on Windows operating systems. Introduced in Windows Vista Service Pack 1 and supported on all Microsoft operating systems since its inception, it can be configured to use the solid and secure AES encryption. Its main competitor is OpenVPN, but since the latter is not integrated into Microsoft’s operating systems, SSTP is more suitable for Windows itself. To top it all, it features better support too.
SSTP features high encryption, as it uses SSL v3 and the HTTPS TCP port 443. Together, these make it very hard for unwanted eyes to spy on you or block your internet access. With SSTP it is also very easy to traverse firewalls and NAT.
Unfortunately, the code of this protocol is not available to the public’s eyes, since it belongs to Microsoft. In fact, it will only work properly on Windows platforms (although it is now offered for Linux, RouterOS and also SEIL users). But the worst thing is that Microsoft has a long history of co-operating with the NSA; therefore, use it only if your data doesn’t need to be secured.
The Best Reviews team researches and tests all products first-hand. We've been reviewing products and services since 2012 and are proud to only publish human-created content.